Does my Business Need Cyber Liability Insurance?

Every organization regardless of size, which uses technology to do business faces cyber risk. Technology is becoming more complex and sophisticated at an astonishing rate, and threats to cybersecurity are likewise becoming more complex and sophisticated. It’s not so much a question of whether your organization will be the target of cyberattack, but when.

Because the financial consequences of a cyberattack can be devastating, business owners must consider what they can do to manage risk and mitigate damage. While a cybersecurity plan is a must, it is also a good idea to have a cyber liability insurance policy in place. Globally,  companies are paying almost $5 million per cybersecurity breach. Attacks on small businesses can cost between $120,000 and $1 million per incident on average. These costs are incurred because cyberattacks on any size business can result in:

• Lost income from business disruption
• Costs associated with notifying customers affected by a breach
• Damage and destruction of data and costs of recovering compromised data
• Costs of repairing damaged computer systems
• Damage to brand trust
• Litigation expenses
• Regulatory fines
• Ransomware payments

Cyber insurance helps cover financial losses resulting from cyberattacks and data breaches. Many carriers also offer legal, forensics, and IT support to get systems back up and running. Some plans also offer cyber-security tools and end user training.

Cyber insurance policies typically fall into two main categories: first-party coverage and third-party liability coverage. First-party policies cover direct expenses from a cyber incident such as data breach response, ransomware, network business interruption, and digital asset restoration. The focus is getting the company back in business. Third-party coverage protects against lawsuits from customers, partners, or regulators, with a focus on paying damages to outside parties. The policy your company purchases may include either one or both categories, but whatever policy you choose should be tailored to fit your company’s needs and the types of exposure your company has.

We highly recommend cyber liability insurance and believe it is necessary for businesses that store or send digital data. There are many companies that offer this insurance, so you have a lot of options to choose a company and a policy that best fits your needs.

R&A’s IT audit and advisory team can provide insight into how to protect yourself and your organization from cyber threats. Our goal is to help you get the information you need to make the best decisions on how to protect yourself and your business. Let us know if you have questions or how we can help you become informed about this important topic.